A code associated with the Russian hacking operation
dubbed Grizzly Steppe by the Obama administration has been detected within the
system of a Vermont utility, according to U.S. officials.

While the Russians did not actively use the code to
disrupt operations, according to officials who spoke on the condition of
anonymity to discuss a security matter, the discovery underscores the
vulnerabilities of the nation’s electrical grid. And it raises fears in the U.S. government
that Russian government hackers are actively trying to penetrate the grid to
carry out potential attacks.

…Burlington
Electric said in a statement that the company detected a malware code used in
the Grizzly Steppe operation in a laptop
that was not connected to the organization’s grid systems. The firm said it took immediate action to
isolate the laptop and alert federal authorities.

Friday night, Vermont Gov. Peter Shumlin (D) called on
federal officials “to conduct a full and complete investigation of this
incident and undertake remedies to ensure
that this never happens again.” [Do the Feds have any responsibility (or capability)
to fix problems like this? Bob]

(Related). I wanted
to know when this happened, but all I could find was a note on their website
that says they were notified by DHS on the 29th. Sounds like a general advisory, not a “you
have been hacked” notice. Good on Burlington
if that caused an immediate scan of their computers, but something still sounds
“off” to me.

On Thursday night, December 29th, the Burlington Electric
Department was alerted by the Department of Homeland Security (DHS) of a
malware code used in Grizzly Steppe, the name DHS has applied to a Russian
campaign linked to recent hacks. We
acted quickly to scan all computers in our system for the malware signature. We detected the malware in a single Burlington
Electric Department laptop not connected to our organization’s grid systems.

Podcast and Transcript via Wharton – “The incoming Trump
administration has made job creation a national priority. But here is a
sobering prediction: No matter which political party holds the White House or
Congress, over the next 25 years, 47% of jobs
will likely be eliminated by technology and globalization, according to WorkingNation. It’s a phenomenon called “structural
unemployment” and it affects nearly all industries and even white-collar
workers. Venture capitalist Art Bilger
founded WorkingNation to sound the alarm about the coming
crisis and to spark discussions about potential solutions. Bilger believes the nature of employment is
fundamentally changing and cannot be reversed. But workers, businesses and the government can
prepare for it if they work together — starting with stepped up infrastructure
spending that has bipartisan support. He
recently joined the Knowledge@Wharton Show, which
airs on Sirius XM channel 111, to discuss his prescription for
ameliorating the coming jobs crisis, and what his organization and others have
tried so far.”

The director of the U.S. Office of Government Ethics
personally ordered tweets praising President-elect Donald Trump for claims he would leave his
business to avoid conflicts of interest.

In emails obtained through a Freedom
of Information Act request by dozens of media organizations, agency
director Walter M. Shaub asked for the tweets to be posted on the OGE’s
official Twitter account, approving of the specific wording of each tweet.

…After the
tweets, many initially speculated that the agency's account had been hacked. A statement from the agency's spokesman confirmed
that the tweets were legitimate.

At this point, it's well-known that Facebook is as much an
advertising company as it is a social network. The company is probably second only to Google
in the data it collects on users, but the info we all share on the Facebook
site just isn't enough. A report
from ProPublica published this
week digs into the vast network of third-party data that Facebook can purchase
to fill out what it knows about its users. The fact that Facebook is buying data on its
users isn't
new -- the company first signed a deal with data broker Datalogix in
2012 -- but ProPublica's report nonetheless contains a lot of info on
the visibility Facebook may have into your life.

…To be clear, the
majority of the information that Facebook gathers comes directly from how its
users interact with the site: ProPublica found that of the 29,000 categories Facebook provides to ad buyers,
only 600 of them came from third-party data providers

BMW is one of the best car makers on the planet. It is also thinking seriously about what
digital transformation means for the car business.

…And yet BMW is
still not making full use of digital business strategy – nor are any other car
makers.

Consider: BMW charges €360 to unlock the ability to access
the apps on the Connected Drive. Some
apps (e.g. Remote Services) cost €80 and others (e.g. Real Time Traffic
Information) can be rented for €45 over 6 months. If one spends a hefty amount of money on a new
car, paying €80 or €45 for an app doesn’t seem too expensive, but needing to
pay €360 to just activate the ability to download the apps seems totally wrong.

Today, we’re going to look at two massive course bundles
that you can name your own price to get. Pay as little as a dollar, and you’ll get a
few of the courses. If you beat the
average, you’ll get them all.

First, we have a bundle that’ll get you into the world of
ethical hacking. It features seven
massive courses. There’s also a bundle
that’ll get you started writing code. It
features a staggering 10 courses on everything from JavaScript to Python!

Friday, December 30, 2016

Biggest data breaches in history – Dave Albaugh – Data
breaches, 2004-2016 – “With a history of more than 5,000 data breaches over the
last 12 years, it’s a safe bet that any electronic information relating to you
is either at risk or has already been compromised at least once. As James Comey, the director of the FBI
puts it, “there are two kinds of companies. Those that have been hacked and those that
don’t know yet that they’ve been hacked.” Data breaches that leaked over 10 million
records between 2004 and 2006. Note that
“records” is a loose term and does not necessarily refer to individual user
accounts….”

In the automotive industry, Tesla is a leader in many
respects—but it's hardly head-and-shoulders above the rest when it comes to
self-driving cars.

The Silicon Valley automaker is developing fully
autonomous cars, but it's part of a crowded field that includes many other
automakers and a handful of rich tech companies as well.

Still, Tesla's technical approach may give it an advantage
over its numerous competitors.

…Autopilot does
not provide fully autonomous driving at present, but since Tesla began
installing the system in its electric cars in late 2015, the system has
delivered data on
1.3 billion miles of driving, according to Bloomberg.

This data is valuable because it allows Tesla's engineers
to fine-tune the algorithms that control its cars' active-safety systems, which
will underpin future full autonomy.

…Since the launch
of Autopilot, Tesla has discussed "fleet learning" as a way to
improve the system, and has set up a vast data funnel to enable that.

Even cars that are not equipped to use Autopilot transmit
travel data back to Tesla, once the owner gives permission.

The 1.3-billion-mile figure quoted by Bloomberg includes
miles driven in cars equipped with Autopilot even if it's switched off, because
those cars transmit data on driver behavior just the same.

…Because its
development efforts are linked to production cars in the hands of customers
driving hundreds of thousands of miles a day, Tesla has access to substantially more data than competitors
whose only data is from limited test programs in a few dozen prototype
vehicles.

Since 2009, the Google self-driving cars have covered 2
million real-world miles with human overseers onboard, according to Morgan
Stanley.

President Obama struck back at Russia
on Thursday for its efforts to influence the 2016 election, ejecting 35
suspected Russian intelligence operatives from the United States and imposing
sanctions on Russia’s two leading intelligence services.

The
administration also penalized four top officers of one of those services, the
powerful military intelligence unit known as the G.R.U.

In a head-spinning turn of events on Friday, President Vladimir V. Putin of Russia
announced that he would not retaliate against the United States’ expulsion of
Russian diplomats and new sanctions — hours after his foreign minister
recommended doing just that.

Mr. Putin,
apparently betting on improved relations with the next American president, said
he would not eject 35 diplomats or close any diplomatic facilities, a proposed
tit-for-tat response to actions taken by the Obama administration a day
earlier.

Run-D.M.C. Sues Amazon, Walmart for More Than $50 Million
Over Trademark Infringement

Run-D.M.C. has
filed a lawsuit against Walmart, Amazon, Jet and a number of others for more
than $50 million over alleged trademark infringement on products using the
iconic hip-hop group's name and logo without permission.

The suit was filed Thursday (Dec. 29) in New York and also
names a number of the companies selling the products through those online
marketplaces, as well as 20 John Does, saying they "trade on the goodwill
of RUN-DMC." It explains
that some of the allegedly infringing products claim to be "RUN-DMC
styled products" such as fedora hats and square-frame sunglasses that use
the group's name in their title or description but not the logo. Meanwhile, others more blatantly use the
group's famous logo on shirts, purses, patches and other products.

…Last month,
Amazon filed its first ever
lawsuits against merchants selling counterfeit items on its marketplace.

How to
Tweet if You’re in Government and Not Donald Trump: Write, Review, Edit, Seek
Approval, Wait, Edit, (Maybe) Send (sub. re’d) – by Aruna
Viswanatha and Natalie Andrews: “In 2010, a top Justice Department official
told the agency’s divisions they could set up Twitter accounts and he convened
a ‘working group’ to provide guidance on what, when and how the agency could
tweet. They’re still working on it.
President-elect Donald Trump is poised to become the first tweeter-in-chief, an
executive comfortable making pronouncements on policy or companies with 140
characters. He will assume control of a
federal bureaucracy that tries very hard to do the exact opposite, one that
muffles its social-media presence under pages of rules to avoid making waves…”

…We have online
platforms like Netflix, which not only have become very powerful when it comes
to content distribution, but they’re also now getting into content production. They have deep financial pockets and the
ability to know their consumers because they have consumer-specific data. They know what people are watching, at what
time, what they like, what they don’t like. They’re using that information in both
creating the content and distributing the content.

…How the labels
and artists are making money is so different than 15 years ago. Fifteen years ago, CDs made the money and
concerts were the way you advertise the CDs. Today, concerts make the money and CDs are a
way to advertise concerts. It’s
literally a 360-degree change.

In late 2015, a commuter-shuttle startup caught the
attention of Ford Motor Co. executive John
Casesa, who runs global strategy for the auto maker. The startup, called Chariot, was growing fast
and had an interesting crowdsourced reservation model, a staffer told him,
suggesting a meeting.

One year and a $65 million deal later, the San Francisco
van service is owned by the Detroit giant—part of an acquisition-fueled push
into new areas as an uncertain and perhaps driverless future looms.

“We are in
an era in our industry where M&A will be a frequently used instrument,”
Mr. Casesa said.

Last month I received an email from Jeffery Gordon in
which he shared with me an online
binary calculator that he created for his students. When I asked him for more information about
the calculator and what he was teaching in general, he shared another cool
resource with me. That resource is ScratchMath.

ScratchMath, written by Jeffery Gordon, is a free ebook filled with examples of using
Scratch in elementary school math classes. The examples are Scratch models
through which students can learn concepts dealing with place values,
multiplication, and division. Each example includes the steps that need to be
completed in Scratch to create models like a multiplication array, a
divisibility checker, and factoring game.

For folks who are not familiar with Scratch, it is a free programming tool designed for
students between the ages of eight and sixteen although it has been
successfully used by younger and older students. Scratch uses a visual interface that helps
students see how the parts of a program fit together to create a final product.
Students create programs by dragging and
dropping commands into a sequence. Programs that students create can vary from
simple animations to complex multiplayer games. Visit the Scratch Educators
page to learn more about how to use it in your classroom.

Blynk is an Internet of
Things (IoT) service designed to make remote control and reading sensor data
from your devices as quick and easy as possible. In this article we will cover exactly what
Blynk is, how it works, and provide two short example projects on different
uses of the service with NodeMCU and Raspberry Pi
development boards.

Via LLRX – What
is RSS and How to Use it Effectively – This guide by Pete Weiss – expert
listserv manager, communication device integrator, and newswire
publisher/editor – provides researchers with an overview of why you should use
RSS, along with step by step examples of how
to implement this application which should be part of your knowledge
gathering and current awareness toolkit.

The Obama administration is
thought to be finalizing its response to Russian interference in the 2016
election. This could include any
combination of economic sanctions, criminal indictments or a cyber response -- but the
intention is to get something in place that cannot easily be rolled back by
President-elect Donald Trump. [That seems rather petty. Bob] Details could be announced as early as this week.

Government agencies have concluded that Russia, likely
with the personal direction of Vladimir Putin, were behind the DNC hacks
earlier this year. This is thought to be
part of a wider 'disinformation' campaign designed to support Trump over
Clinton. Similar disinformation concerns
have been raised in Germany
over next year's German elections.

One of Obama's problems is that he has limited means to
invoke retaliation at this stage of his presidency. A 2015 executive order
allows sanctions against people who harm computer systems that are part of the
US critical infrastructure (CI) or seek to gain competitive advantage through
the cybertheft of commercial information; but
elections have not been considered part of the CI.

‘The President is authorised to use
all necessary and appropriate force against those nations, organisations, or
persons he determines planned, authorised, committed, or aided the terrorist
attacks that occurred on September 11, 2001, or harboured such organisations or
persons, in order to prevent any future act of international terrorism against
the United States by such nations, organisations or persons.’

“Written in haste and passed by the US Congress in the
days after 11 September 2001, the ambiguously worded Authorisation for the Use
of Military Force (AUMF) greatly expanded the war powers of the executive
branch, granting US presidents the choice to bomb, raid, detain and monitor
nation states and organisations around the world as they see fit. Centred around an interview with
Representative Barbara Lee, the sole member of congress to vote against the
AUMF, War Authority examines how the
authorisation’s vague language – invoked at least 18 times by the former
president George W Bush, and at least 19 times by President Barack Obama – has
shaped modern US foreign policy and affected people around the world.”
Director: Matthew Palmer.

Follow-up to previous posting – Unreleased CIA assessment concludes Russia aided Trump
– via The Hill – Lydia Wheeler, December
27, 2016: “A lawsuit has been filed
against the CIA, the FBI, the Department of Homeland Security and the Office of
the Director of National Intelligence seeking records pertaining to Russia’s
interference in the presidential election. Journalist Jason Leopold and Ryan Shapiro, a
Ph.D. candidate at the Massachusetts Institute of Technology (MIT), filed a lawsuit in the U.S. District Court for the District
of Columbia on Monday asserting that the agencies have failed to comply with
their request for documents under the Freedom of Information Act (FOIA). Earlier this month, the CIA reportedly concluded in a secret
assessment that Russia had intervened in the presidential election to help
President-elect Donald Trump defeat
Democratic nominee Hillary Clinton. That assistance, officials believe, included
the hacking of Democratic email accounts…”

Russia is a member of the OSCE. Did they think they were being lied to or
that OSCE was withholding information?

The Organization for Security
and Cooperation in Europe (OSCE) confirmed on Wednesday that it
has been the target of a “major security information incident.”

The international security and
human rights watchdog became aware of the security breach in November. According to an OSCE spokesperson, the systems
are now safe.

“We were given entirely new
security systems and passwords,” she added.

Read more on DW.
And yes, the Russians have been blamed
for this, too, by an “unnamed Western intelligence agency.” It would be nice if the “unnamed Western
intelligence agency” would respond to FOIA requests made by others for you
know, records providing actual proof….

Something I could ask my Computer Security students to use
when analyzing security breaches? Sounds
like fun to me!

The U.S. Food and Drug
Administration (FDA) has released guidance on the postmarket management of
cybersecurity for medical devices, encouraging manufacturers to implement
security controls that cover products throughout their entire life cycle.

In 2014, the FDA released guidance for the premarket
management of cybersecurity. The
recommendations include limiting access to trusted users via various
authentication methods, ensuring that only authorized firmware and software can
be installed, and implementing features for cyber incident detection, response
and recovery.

The new
guidance issued by the FDA focuses on managing cybersecurity risks
after the devices have been deployed on a hospital’s network, a patient’s home
network, or in a patient’s body.

Add Desert Care Family & Sports
Medicine in Casa Grande, Arizona to the list of health
facilities who suffered a ransomware attack. But what happened to them has resulted in my
updating my worst
breaches of 2016 list.

On December 20, the center notified HHS that 500 patients
were being notified that their server had been infected in August 2016. Of note, not only were the data on the server
encrypted – including patient records – but Desert Care took the server to
several IT specialists who were all reportedly unable to break the encryption.

“As a result,” their patient notification letter explains,
“the server remains locked and encrypted by the ransom ware, and patient
records are unavailable.”

They do not explain whether they paid the ransom, and if
they didn’t, why they hadn’t once they determined that they could no longer
access patient records. And for the
center to write that three months after a ransomware attack, “patient records
are unavailable” raises several additional
questions, including whether there had been any backup, and if so, what
happened to it (and if there was no backup, why not)?

Information on the server included patient’s “full name
date of birth, home address, account number, diagnosis, types of treatment
information, disability codes, etc.”

To add to their regulatory woes, not only was the center
unable to recover access to their patient records, but they were also unable to determine if patient records were exposed or acquired.

“We have not received any indication that the information
on the server has been accessed or used by an unauthorized individual, but
Desert Care cannot be sure of this, so it is providing you with this notice out
of an abundance of caution,” they write.

DataBreaches.net sent an inquiry to the center asking
whether they were subsequently able to determine what type of ransomware was
involved, and whether they had any backup of their patient records, as their
statement seems to suggest that there may be no backup that they could use to
recover patient information.

This post will be updated if a response is received.

Insider trading or AI trading. Will the SEC believe me when I claim superior
Watson made me do it?

…When options
activity spikes ahead of an announcement, it can indicate that someone had
inside information. Kate Spade has been
under pressure to sell its business, after activist firm Caerus Investors
suggested the company do so last month.

It’s not SciFi, it’s just Amazon! These could also replace the Goodyear blimps
at some future Superbowl.

Amazon has filed a patent
for massive flying warehouses equipped with fleets of drones that deliver goods
to key locations.

Carried by an airship, the warehouses would visit places
Amazon expects demand for certain goods to boom.

It says one use could be near sporting events or festivals
where they would sell food or souvenirs to spectators.

The patent also envisages a series of support vehicles
that would be used to restock the flying structures.

Amazon air force

The filing significantly expands on Amazon's plans to use
drones to make deliveries. Earlier this
month it made the first commercial delivery using a drone via a test scheme
running in Cambridge.

In the documents detailing the scheme, Amazon said the
combination of drones and flying warehouses, or "airborne fulfilment
centres", would deliver goods much more quickly than those stationed at
its ground-based warehouses.

Also, it said, the drones descending from the AFCs - which
would cruise and hover at altitudes up to 45,000ft (14,000m) - would use almost
no power as they glided down to make deliveries.

Many firms working on drones are struggling with ways to
extend their relatively short range, which is typically dependent on the size
of the battery they carry.

The patent lays out a comprehensive scheme for running a
fleet of AFCs and drones. It suggests
smaller airships could act as shuttles taking drones, supplies and even workers
to and from the larger AFCs.

…Amazon's patent
was filed in late 2014 but has only now come to light thanks to analyst Zoe
Leavitt from CB Insights who unearthed the
documents.

Learning to program may seem like a daunting task.
Luckily, it’s not nearly as difficult as it seems. With a bevy of resources
available both on and offline, dedicated communities, and experts to follow on
social media, learning programming is much simpler than it used to be.

I know it’s unlikely, but my geeks might have missed one. On the other hand, they research movies much
more intensely than they do my homework assignments.

Do you have an idea for a game that’s been brewing in your
mind for years? What if I told you that
you could make that idea come to life, even if you have no game development
experience? These days, anyone can make
a video game with a bit of elbow grease and perseverance.

Of course, that doesn’t mean game development is easy. Not by a long shot. Even something as simplistic as Flappy
Bird or Tetris can take a lot of time and effort to make it look
and feel good. But thanks to free game
development software tools, a game that might’ve required one year can now be
made in six months or faster — sometimes without any code!

Note that this list is ordered by least complex to most complex. The simpler free game development tools are
easier to pick up but have limitations. As
you go down the list, you gain more flexibility at the cost of a greater
learning curve.

Law firms that advise on mergers once had to worry about a
rogue employee trading on deal tips. Now, they have to worry about hackers
doing the same.

Federal
prosecutors in Manhattan have
charged
three Chinese citizens with making more than $4 million by trading on
information they got by hacking into some of the top merger-advising law firms
in New York. The three men targeted at least seven New York law firms to
try to obtain information about deals in the works, according to an indictment
unsealed on Tuesday.

…“This case of
cyber meets securities fraud should serve as a wake-up call for law firms around
the world,” Preet Bharara, the United States
attorney in Manhattan, said in a statement. “You are
and will be targets of cyberhacking because you have information valuable to
would-be criminals.” [If not, why spend time & money to keep it? Bob]

…“Law firms have been identified as the weakest link,
and it is great to see the U.S. attorney taking an interest,” said Daniel
Garrie, a law firm security consultant.

…The indictment
and the S.E.C. complaint detailed a number of major deals in which confidential
information had been retrieved. [Should be simple to identify the law firms
involved. Bob]

…They were
extraordinarily active in pursuing information. The indictment says that from March to
September 2015, the three men “attempted to cause unauthorized access to the
networks and servers of the targeted law firms on more than 100,000 occasions.” [Probably
automated, so not really a lot of effort. Bob]

Major travel booking systems lack
a proper way to authenticate air travelers, making it easy to hack the short
code used on many boarding passes to alter flight details or steal sensitive
personal data, security researchers warned on Tuesday.

The six-digit codes act as
pincodes for locating travel records, albeit with vital differences that make
them highly insecure compared with even the simple usernames and passwords that
consumers use to access email or websites, the researchers said.

Travelers will never know who accessed their information,
because PNR data is not logged, the researchers said. Users have no option to secure these codes
themselves because the credentials are arbitrarily assigned by airlines using
the booking systems.

For my Computer Security students. Attacks are not just in the ‘backoffice’
anymore.

The number of attacks aimed
at industrial control systems (ICS) increased
by 110 percent in 2016
compared to the previous year, according to data from IBM Managed Security
Services.

The company has attributed this significant increase to
brute force attacks on supervisory control and data acquisition (SCADA)
systems.

Attackers apparently used a penetration testing framework
made available on GitHub in January 2016. The tool, named smod, can be used to conduct a security
assessment of the Modbus serial communications protocol and it includes
brute-force capabilities.

Some people
have wondered if smart speakers like Amazon’s Echo devices, or its closest
contender, the Google Home, are constantly capturing audio data, rather than
just listening when the right wake word is uttered. Now a court case is bringing the issue to the
fore, and it could potentially show whether that’s actually happening.

The case, involving the investigation of a homicide in
Bentonville, Arkansas, was unearthed earlier today by The
Information. (Hat tip to ZDNet’s
Zach Whittaker for subsequently locating
the case’s documents.)

…And both Amazon
and Google allow users to delete voice recordings. But consumers can only take companies at their
word when they say the devices absolutely do not record when they are muted and
have not been triggered with a wake word.

…But, as The
Information points out, the case is “due to go to trial” early in 2017. That could shed more light on the data
collection norms of this trendy type of technology. (Coincidentally, today Amazon said
that the Echo and smaller Echo Dot were “the best-selling products across
Amazon this year.”)

This case may end up raising questions about how much
audio smartphones, tablets, and even earphones
that listen for “OK Google” or “Hey Siri” are actually recording.

Perspective. Auto
manufacturers are expanding their scope. What makes driving easier? What
do drivers do that auto manufacturers can tie into?

Volkswagen AG’s
financing arm has acquired a Canadian mobile payments company, the latest move
by a car maker investing heavily to compete in a mobility arms race that is
heating up in the auto industry.

The German auto maker’s Volkswagen Financial Services AG
will dish out an undisclosed sum to acquire PayByPhone, a Vancouver-based
company that allows people to pay for certain parking spaces by mobile apps,
phone calls or texts. PayByPhone, founded in 2000, says it processes $300
million in transactions annually.

…Volkswagen wants
access to proven technology to connect a variety of commerce opportunities and
vendors to the cabin of a car and passengers looking for easier payment
methods. Whereas it is difficult to earn
even a 10% profit margin on the sale of a car, some analysts and startup entrepreneurs estimate the margins that auto
makers could reap on the selling of access to car owners and their data could
exceed 75%.

…Audi, one of a dozen brands operated by
Volkswagen, in January pledged $28 million to Silvercar, a startup that lets
its customers book rental cars using a mobile app.

There have been a flood of unrelated transactions in the
auto industry as Ford Motor Co., Toyota Motor Corp., BMW AG and others place financial bets
on small startups in an effort to outrun Silicon Valley tech giants that are
trying to reinvent automobiles.

The Delhi High Court dismissed the case and held that
coursepacks and photocopies of chapters from textbooks are not infringing
copyright, whether created by the university or a third-party contractor, and
do not require a license or permission. Beyond
the immense benefits to students and academics, the ruling had some interesting
wording that gained attention online.

…The university
pointed to the existing copyright exceptions and the fact that the materials were clearly being used for educational purposes,
not meant for commercial exploitation.

“The Guide to Law Online, prepared
by the Law Library of Congress Public Services Division, is an annotated guide
to sources of information on government and law available online. It includes selected links to useful and
reliable sites for legal information.

The Guide to Law Online is an annotated compendium of Internet links; a portal of
Internet sources of interest to legal researchers. Although the Guide is selective, inclusion of
a site by no means constitutes endorsement by the Law Library of Congress.”

…Start by
changing your mindset. If you believe
that strategic thinking is only for senior executives, think again. It can, and must, happen at every level of the
organization; it’s one of those unwritten parts of all job descriptions. Ignore this fact and you risk getting passed
over for a promotion, or having your budget cut because your department’s
strategic contribution is unclear.

Tuesday, December 27, 2016

The tool is called Predictive World
and the premise is simple: log in using your Facebook account and it will pull
information based on your profile. (You
can choose the more anonymous route and only enter your age and gender, but
your predictions will be less accurate.)

After everything is analyzed, you’ll be able to
explore dozens of statistics and predictions, including your life
expectancy, your risk of being murdered in the next decade, how likely you are
to take career risks, and even your entrepreneurial potential.

All of this is a collaborative project between the
University of Cambridge and Watch Dogs 2, a game that explores the
dangers of an increasingly interconnected world.

Cimagine
created a technology — True Markerless Augmented Reality — that allows users to
preview furniture and appliances they wish to purchase by virtually placing the
objects in their homes via a mobile app.

…Experts note
that while Cimagine has impressive technologies, it is likely their employees’
skills that drew Snapchat’s attention.

I’ll start adding these to my AI file. Someday I hope to write an AI servant to do
this for me.

Apple has published its very first
AI paper on December 22. (The paper was submitted for publication on
November 15.) The paper describes a
technique for how to improve the training of an algorithm's ability to recognize
images using computer-generated images rather than real-world images. [Because ‘real’
is so unpredictable. Bob]

“As more scholarly content is being born digital or
digitized, digital libraries are becoming increasingly vital to researchers
leveraging scholarly big data for scientific discovery. Given the abundance of scholarly
products-especially in environments created by the advent of social networking
services-little is known about international scholarly information needs,
information-seeking behavior, or information use. This paper aims to address these gaps by
conducting an in-depth analysis of researchers in the United States and Qatar;
learn about their research attitudes, practices, tactics, strategies, and
expectations; and address the obstacles faced during research endeavors. Based on this analysis, the study identifies and describes new behavior patterns on the part of
researchers as they engage in the information-seeking process. The analysis reveals that the use of academic
social networks has remarkable effects on various scholarly activities. Further, this study identifies differences
between students and faculty members in regard to their use of academic social
networks, and it identifies differences between researchers according to
discipline. The researchers who
participated in the present study represent a range of disciplinary and
cultural backgrounds. However, the study
reports a number of similarities in terms of the researchers’ scholarly
activities. Finally, the study
illuminates some of the implications for the design of research platforms.”

“freegeoip.net provides a public HTTP API for
software developers to search the
geolocation of IP addresses. It uses a database of IP addresses that are
associated to cities along with other relevant information like time zone,
latitude and longitude. You’re allowed
up to 10,000 queries per
hour by default. Once this limit is
reached, all of your requests will result in HTTP 403, forbidden, until your
quota is cleared. The freegeoip web
server is free and open source so if the public service limit is a problem for
you, download it and run your own instance.”

Via LLRX.com – Deep Web Research and Discovery Resources 2017 –
This report and guide by internet guru Marcus P. Zillman provides researchers with a
comprehensive and wide ranging bibliography of “deep web” data, information,
documents, code, papers, applications and cutting edge tools. They may be used individually, in groups and
in combination, as key drivers to build approaches and queries to harness
knowledge and information services that create strategic, actionable results
for your clients, users and customers, across all communities of best practice.

“This
Article identifies a profound, ongoing shift in the modern administrative
state: from the regulation of things to the regulation of code. This shift has and will continue to place
previously isolated agencies in an increasing state of overlap, raising the
likelihood of inconsistent regulations and putting seemingly disparate policy
goals, like privacy, safety, environmental protection, and copyright
enforcement, in tension. This Article
explores this problem through a series of case studies and articulates a
taxonomy of code regulations to help place hardware-turned-code rules in
context. The Article considers the
likely turf wars, regulatory thickets, and related dynamics that are likely to
arise, and closes by considering the benefits of creating a new agency with
some degree of centralized authority over software regulation issues.”

Despite the scale and potential harm from such attacks,
there's wide recognition that corporate leaders, especially boards of
directors, aren't taking the necessary actions to defend their companies
against such attacks. It's not just a
problem of finding the right cyber-defense tools and services, but also one of
management awareness and security acumen at the highest level, namely corporate
boards.

…"Some
organizations do a better job than others, but those efforts are almost always
led by CIOs, CISOs or business line managers and not by corporate
boards, CEOs and executive management throughout government and the private
sector," Litan added.

…The National Association of
Corporate Directors (NACD) recently released a survey of more than 600
corporate board directors and professionals that found only 19% believe their
boards have a high level of understanding of cybersecurity risks. That's an improvement from 11% in a similar
poll conducted a year earlier.

The survey also found that 59% of respondents find it
challenging to oversee cyber risk.

Another of those (somewhat) useful or interesting things
that come at year-end.

About Me

I live in Centennial, Colorado. (I'm not actually 100 years old, but I hope to be some day.) I'm an independent computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local Universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.